Skip to main content

Issues in Securing Electronic Transactions


The issues that confront us in relation to securing electronic transactions are :

  • Confidentiality
  • Integrity
  • Availability
  • Authenticity
  • Non-repudiability
  • Auditability


Confidentaility
Information should be protected from being read by external hackers or unauthorized internal users. It should be also safe while being transmitted on the network and make data unintelligible even if someone gets access to it. The content should be sent deciphered so that none other than the person who has the transformation algorithm can read it.

Integrity
Sometimes the message might be read and modified on its path. It should be possible to generate an alert on any modification -addition or deletion of the original content. Proper mechanisms are necessary to ensure end-to-end message content and copy authentication.

Availability
The information that is being stored or transmitted across communication networks should be available whenever required and to whatever extent as desired within pre-established time constraints. Some of the causes of unavailability of information are power outages,operational errors,network errors, application software errors,viruses and hardware problems. There are methods for implementation of counter measures to these hazards. But unfortunately they are beyond the scope of end-to-end message security for implementing e-commerce.

Authenticity
It is necessary that the information sent,should be sent to the right person for whom it is meant. Also on the other hand, when a message is received it should be possible to verify whether it has indeed been sent by the person or object claiming to be the originator. There should be enough safeguards to prevent any person or object from masquerading as some other person or object.

Non-repudiability
For e-commerce to grow and successfully thrive it is necessary to bind messages and message acknowledgements with their originators. That is after a person sends a message the sender should npt afterwards deny having sent it. Also the receiver of a particular message should not at a later date deny having received the message.

Auditability
Recording of audit data must be done in such away that all specified confidentiality and integrity requirements are met. Implementing a security solution in an E-commerce environment therefore necessitates a Risk Analysis of the business scenario. In some cases, confidentiality might be an extremely critical issue whereas in others it may only be data integrity that is of paramount importance. All possible threats should be considered and a security requirement policy drawn out for the organization based on a combination of some or all of the services listed above. 

Comments

Popular posts from this blog

Advantages of E-Commerce

Electronic Commerce increases Profits : Electronic commerce increases sales and decrease costs. Advertising on the web reaches all the users of that website. A firm can use the web to reach communities which are scattered geographically. The web's natural advantage is that it is low cost medium for disseminating information and processing transaction. for e.g the cost of advertising on the web is much less as compared to advertising in a newspaper. Another benefit of web based commerce is that information based industries excel here. A virtual organisation increases efficiency through the automation of processes. The cost of handling sales inquiries and determining product availability can be reduced with the help of e-commerce in the marketing process of the business. E-commerce increases the speed and accuracy with which businesses can exchange information which reduces costs on both sides of transactions. Another Advantage of e-commerce is ...

Unified Modeling Language- (UML)

Brief Background UML is a language for specifying,visualizing ,documenting and constructing the artifacts of software systems,as well as for business modeling and other non-software systems. UML has been developed by Grady  Booch, James Rumbaugh and Ivar Jacobson. Goals of UML are : To model systems using Object oriented concepts. To establish an explicit coupling to conceptual as well as executable artifacts To address the issues of scale inherent in complex , mission critical systems. To create a modeling language that can be used by humans as well as machines.  Understanding the thirteen diagrams of UML 2.x is an important part of understanding OO development. Although there is  far more to modeling than just the UML  the reality is the UML defines the standard modeling artifacts when it comes to object technology. There are three classifications of UML diagrams: Behavior diagrams . A type of diagram that depicts behavioral features of a ...

Local Area Networks LAN

Why use a LAN? The two basic reasons for developing a LAN are information sharing and resource sharing. Information sharing refers to business needs that require users to access the same data files ,exchange emails or search the internet for information. Resource sharing refers to one computer sharing a hardware device (for e.g a printer) or software package with other computers on the network. The main benefit of resource sharing is cost savings, while the main benefit  of information sharing is improved decision making. image courtesy Cray Networks Dedicated Server versus Peer-to-Peer Networks A dedicated server LAN has one computer that acts as the network server. It can connect with almost any other network,handle very large databases and use sophisticated LAN software. Moreover,high -end dedicated server LANs can be interconnected easily to form enterprise wide networks or in some cases replace the host mainframe central computer. Four common types of dedi...